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Top Stories 

• The U.S. Department of Transportation Secretary reported July 24 that the U.S. Federal 
government opened a price-gouging investigation into Delta, American, United, Southwest, 
and JetBlue airlines, alleging the companies raised airfares in the Northeast after a May 12 
Amtrak crash disrupted rail service. - Associated Press (See item 9 ) 

• All 700,000 residents in Dekalb County remain under a boil water advisory July 27 after 
crews fixed a 48-inch transmission line that broke July 23. - WSB 2 Atlanta (See item 10 ) 

• Security researchers at Zimperium zLabs reported that about 950 million Android devices 
are vulnerable to flaws in the operating system’s (OS) Stagefright media engine. - 
Threatpost (See item 

• Fifteen families were displaced July 26 after a 5-alarm fire severely damaged 3 apartment 
buildings in Union City, New Jersey after beginning inside a home - WABC 7 New York 
City (See item 28 ) 
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Energy Sector 



For additional stories, see items 6 and 11 

Chemical Industry Sector 

1 . July 26, Associated Press - (Pennsylvania) Chemical plant fire’s long-term effects 
on creek under investigation. Authorities reported July 26 that studies show some 
wildlife has returned to a branch of Conewago Creek in Pennsylvania after a June fire 
at the Miller Chemical and Fertilizer plant in Hanover left thousands of fish dead 
within a 15-mile span and closed the area for over a month. 

Source: 

http://www.pennlive.com/midstate/index.ssf/2015/07/conewago creek health fire.htm 
1 

Nuclear Reactors, Materials, and Waste Sector 

2. July 26, Associated Press - (Arkansas) U.S. to inspect Arkansas nuclear plant with 
poor safety record. The Nuclear Regulatory Commission reported July 26 that 
Entergy Arkansas Inc., is scheduled to undergo a 3,000 hour inspection in addition to 
the 6,600 hours of normal annual inspection after a worker was killed at its plant in 
March 2013. The inspection will verify that Entergy properly maintained its facility and 
ensured employee safety. 

Source: http://www.ctpost.com/business/energv/article/Nuclear-Regulatory- 
Commission-to-inspect- Arkansas-640646 1 .php 

3. July 25, Associated Press - (Missouri) Mo. nuclear power plant reopens. Officials 
reported July 25 that Ameren Corp.’s nuclear power plant in Eulton reopened July 24 
after the plant was shut down July 23 due to a “non-emergency” steam leak. 

Source: http://www.ksdk.eom/storv/news/local/2015/07/25/missouri-nuclear-power- 
plant-reopens/30657609/ 

Critical Manufacturing Sector 

4. July 27, Detroit Free Press - (National) Fiat Chrysler to pay up to $105 million in 
penalties to NHTSA. Eiat Chrysler Automobiles agreed to pay up to $105 million in 
fines and penalties to the U.S. National Highway Traffic Safety Administration 
(NHSTA), submit itself to increased oversight, and offer to buy back over 500,000 
vehicles with defective suspension parts in response to NHSTA allegations that the 
company has failed to adequately address a range of vehicle safety issues. 

Source: http://www.freep.eom/storv/monev/2015/07/26/fiat-chrvsler-nhtsa- fine- 
recalls/30693265/ 



Eor another story, see item 23 
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Defense Industrial Base Sector 



For another story, see item 15 

Financial Services Sector 

5. July 24, KNXV 15 Phoenix - (Arizona) FBI asks public’s help identifying 
“Sabbatical Bandit” bank robber. FBI officials are looking for information leading 
to the capture of a suspect dubbed the “Sabbatical Bandit”, who allegedly robbed a 
Mesa bank July 18 in addition to at least 4 others since 2010. 

Source: http://www.abc 1 5 .com/news/region-phoenix-metro/central-phoenix/fbi-asks- 
public-to-help-identify-sabbatical-bandit-bank-robber 

Transportation Systems Sector 

6. July 26, KTVT 11 Fort Worth - (Texas) Cleanup underway after train derailment in 
Mansfield. Officials confirmed that a dozen cars carrying coal from a Burlington 
Northern Santa Fe Railway train derailed in Mansfield July 26 and knocked down 
several power lines and caused a small fire. Train tracks in the area have been shut 
down while crews respond to the scene. 

Source: http://dfw.cbslocal.com/2015/07/26/cleanup-underway-after-train-derailment- 
in-mansfield/ 

7. July 25, Gainesville Sun - (Florida) Man dead, Interstate 75 shut down for hours in 
Alachua County. Northbound and southbound lanes on Interstate 75 were shut down 
at mile marker 374 near Micanopy for several hours July 25 after an armed man fired a 
handgun at a Florida Highway Patrol trooper. Authorities found a body nearby the 
interstate and it is believed it to be the suspected gunman. 

Source: http://winknews.eom/2015/07/25/man-dead-interstate-75-shutdown-for-hours- 
in-alachua-county/ 

8. July 24, Associated Press - (New Jersey) NJ Transit again apologizes for Amtrak 
power problems. Amtrak trains running between Washington, D.C, and Boston were 
delayed July 24 after power problems restricted Amtrak to operate 3 trains at a time 
through the Hudson River Tunnel into New York City. 

Source: http://www.mcall.com/news/nationworld/pennsvlvania/mc-nj-nvc-commuter- 
train-delavs-20150724-storv.html 

9. July 24, Associated Press - (Pennsylvania) Transportation Chief: 5 airlines probed 
for price- gouging after deadly train derailment. The U.S. Department of 
Transportation Secretary reported July 24 that the U.S. Federal government opened a 
price-gouging investigation into Delta, American, United, Southwest, and JetBlue 
airlines, alleging the companies raised airfares in the Northeast after a May 12 deadly 
Amtrak crash in Philadelphia disrupted rail service. The department has sent letters to 
the involved airlines explaining that the investigation is exploring whether the price 
hikes violated Federal regulations prohibiting airlines from engaging in unfair and 
deceptive practices. 
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Source: http ://philadelphia. cb slocal . com/20 1 5/07 /24/transportation-chief- 5 - airlines - 
probed-for-price-gouging-after-deadly-train-derailment/ 

For another story, see item 13 

Food and Agriculture Sector 

Nothing to report 

Water and Wastewater Systems Sector 

10. July 27, WSB 2 Atlanta - (Georgia) 700,000 DeKalb residents under boil water 
advisory. All 700,000 residents in Dekalb County remain under a boil water advisory 
July 27 after crews fixed a 48-inch transmission line that broke July 23 and caused 
residents to have low or no pressure even after it was fixed. DeKalb Watershed 
reported that pressure would slowly build overnight and that water should be back by 
July 27. 

Source: http://www.wsbtv.eom/news/news/local/700000-dekalb-residents-under-boil- 
water-advisory/nm694/ 



11. July 27, WKBN 27 Youngstown - (Ohio) Water conservation alert lifted after 
Brookfield spill. The U.S. Environmental Protection Agency reported July 24 that 
cleanup efforts will continue the week of July 27 after 1,700 gallons of oil spilled into a 
creek that feeds the Shenango River July 26. Crews were working to deflect oil away 
from the Aqua America plant and have asked customers to conserve water until July 
27. 

Source: http://wkbn.eom/2015/07/24/emergencv-crews-investigating-brookfield-oil- 
product- spill/ 

For another story, see item 1 

Healthcare and Public Health Sector 

For another story, see item 21 

Government Facilities Sector 

12. July 27, ThreatPost - QAdXiondX) Census Bureau says breach didn’t compromise 
sensitive data. The U.S. Census Bureau announced a July 22 data breach that affected 
the Federal Audit Clearinghouse, after a faulty configuration setting allowed 
Anonymous Operations hackers to gain access, did not compromise any confidential 
information. No access to internal systems of the agency was detected and the system 
will remain offline pending an investigation and improved security measures. 

Source: https://threatpost.com/census-bureau-savs-breach-didnt-compromise-sensitive- 
data/1 13957 

13. July 27, KFSN 30 Fresno - (California) Willow fire near Bass Lake explodes in size, 
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scorches more than 1,500 acres. Mandatory evacuation orders were issued July 26 for 
residents of Central Camp in addition to evacuation advisories for Cascadel Woods and 
closed down sections of Road 274 after Willow Fire in the Sierra National Forest grew 
to over 1,521 acres. Officials are investigating the cause of the fire, which is five 
percent contained. 

Source: http://abc30.com/news/wildfire-near-bass-lake-explodes-in-size- 
ovemight/881133/ 

14. July 26, Reno Gazette- Journal - (California) Lowell Fire 15 percent contained; 
smoke hits Reno-Sparks. Officials are investigating the cause of Lowell Fire near the 
edge of Tahoe National Forest which injured 4 and burned 1,500 acres the weekend of 
July 25. A total of 1,1 1 1 emergency responders were deployed to extinguish the fire. 
Source: http://www.rgi.com/storv/news/2015/07/26/lowell-fire-placer-county-percent- 
contained/30695415/ 



15. July 25, Military Times - (National) GAO: defense installation utilities at risk of 
cyber attack. A recent report released by the U.S. Government Accountability Office 
warned against vulnerabilities in the military’s industrial control systems (ICS) network 
controlling essential services to military installations worldwide. A 2018 deadline set 
by the Pentagon to address limited cyber defenses for the ICS will be difficult to meet 
due to delays and unreliable data, according to the report. 

Source: http://www.militarvtimes.eom/storv/militarv/2015/07/24/utilitv-cvber- 
attack/306 15033/ 

16. July 24, New York Times - (National) Defense Department asks armed civilians to 
stop guarding recruiters. The U.S. Department of Defense issued a statement July 24 
asking armed civilians guarding nationwide military recruiting stations to leave their 
posts, warning their presence might cause safety problems. The request comes after an 
accidental weapons discharge by an armed civilian outside a recruiting station in 
Lancaster, Ohio July 23. 

Source: http://www.nvtimes.eom/2015/07/25/us/defense-dept-asks-armed-civilians-to- 
stop-guarding-recruiters.html? r=2 

Emergency Services Sector 

17. July 26, Associated Press; Washington Post - (Maryland) Inmate stabbed, burned 
with ‘bleach-type liquid’ at medium-security Md. prison. An official from the 
Maryland Correctional Institution in Jessup reported July 26 that an inmate was stabbed 
and burned with a “bleach-type liquid” July 23 and taken to a bum center for non-life 
threatening wounds. 

Source: 

http://www.dailvioumal.net/view/storv/3a28f70fdc0a4ccaad835d4759e37be7/MD- 
Inmate- Attacked 

18. July 26, Prescott Daily Courier - (Arizona) Police SUV stolen, man arrested. A 
California man was arrested July 25 on charges of aggravated assault, endangerment, 
theft of means of transportation, among other charges after stealing a Prescott Valley 
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SUV patrol vehicle and crashing the vehicle into a large ditch. 

Source: 

http://dcourier.com/main.asp?SectionID=l&SubSectionID=l&ArticleID=148064 

19. July 25, KATU 2 Portland - (Washington) Manhunt in Wash, for suspect who stole 
King Co. deputy cruiser. The King County Sheriffs Office reported July 25 that a 
man was arrested after resisting arrest and stealing a deputy’s vehicle while handcuffed. 
Police officers, SWAT teams, and K9 units responded to the incident and found the 
man in brush. 

Source: http://www.katu.com/news/local/Manhunt-in-Washington-for-suspect-who- 
stole-King-Countv-deputv-cruiser-318535851.html 

For additional stories, see items and 7 and 14 

Information Technology Sector 

20. July 27, Threatpost - (International) Android Stagefright flaws put 950 million 
devices at risk. Security researchers at Zimperium zLabs reported that about 950 
million Android devices are vulnerable to flaws in the operating system’s (OS) 
Stagefright media engine, in which excessive permissions could allow an attacker to 
send a Multimedia Messaging Service (MMS) or Google Hangouts message to trigger 
the vulnerability, granting system access on the affected device. 

Source: https://threatpost.com/android-stagefright-flaws-put-950-million-devices-at- 
risk/1 13960 

21. July 27, Securityweek - (International) Many high-profile firms using vulnerable 
PHP File Manager: researcher. A security researcher identified several 
vulnerabilities in Revived Wire Media’s PHP File Manager application, including the 
existence of a default user account with backdoor access to systems running the 
software, lack of protection for the user database, and arbitrary file upload 
vulnerabilities, among other flaws. Many firms reportedly still use the application even 
though it has not been updated since its release in 2010 - 201 1. 

Source: http://www.securitvweek.com/manv-high-profile-firms-using-vulnerable-php- 
file-manager-researcher 

22. July 27, Help Net Security - (International) Over 5,000 mobile apps found 
performing in-app ad fraud. Security researchers from Forensiq discovered at least 
5,000 mobile applications being used for mobile hijacking ad fraud worldwide that 
were observed affecting 12 million unique devices over a 10-day period. 

Source: http://www.net-securitv.org/secworld.php?id=18667 

23. July 27, Threatpost - (International) Pair of bugs open Honeywell home controllers 
up to easy hacks. Researchers discovered vulnerabilities in Honeywell’s Tuxedo touch 
devices used for controlling home systems, including an authentication bypass bug that 
could grant access to restricted systems, and a cross-site request forgery bug that an 
attacker could use during an active authenticated session to execute the same 
commands as the user. 
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Source: https://threatpost.com/pair-of-bugs-open-honevwell-home-controllers-up-to- 
easy-hacks/1 13965 



For another story, see item 



Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: httD://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT ISAC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 



Communications Sector 

24. July 26, Syracuse.com - (New York) Phone service restored to most Oswego County 
residents. Service has been restored to the majority of Time Warner Cable customers 
in Oswego County, New York after losing telephone access, including 9-1-1 service 
July 26. The cause of the outage remains unknown. 

Source: 

http://www.svracuse.com/news/index.ssf/2015/07/phone service restored to most os 
wego county residents.html 

For additional stories, 2^ and 22 

Commercial Facilities Sector 

25. July 27, KTRK 13 Houston - (Texas) Gunfire reported before 3-alarm north 
Houston apartment fire. A 3-alarm fire at Canfield Apartments in Houston July 27 
severely damaged up to 10 apartment units and is believed to be “suspicious” after 
residents heard gunshots before the fire began. Three firefighters sustained non-life 
threating injuries and an investigation is ongoing. 

Source: http://abcl3.com/news/gunfire-reported-before-3-alarm-apartment-fire/884988/ 

26. July 27, ABC News - (Nevada) Pool fire at Cosmopolitan Hotel of Las Vegas fueled 
by cabanas, artificial plants, fire dept. says. A 2-alarm pool fire at The Cosmopolitan 
Hotel in Las Vegas prompted the evacuation of several hotel floors and injured 2 
residents after the fire was fueled by artificial plants. Fire crews extinguished the 
flames and an investigation is ongoing to determine the cause of the fire. 

Source: http://abcnews.go.com/US/fire-rages-cosmopolitan-hotel-las- 
vegas/story?id=32685666 

27. July 26, New Orleans Times-Picayune - (Louisiana) 4 shot in assault rifle attack at 
Desire’s Sampson park. A man armed with an assault rifle opened fire July 26 at 
Desire, Louisiana’s Edith Sampson Playground Park, shooting four people and leaving 
one critically injured. Several children and parents were evacuated from the area and an 
investigation is ongoing to determine the shooter and possible accomplice. 

Source: 
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http://www.nola.eom/crime/index.ssf/2015/07/4 shot in assault rifle attack.html 



28. July 26, WABC 7 New York City - (New Jersey) 15 families displaced in Union City 
5-alarm fire. Fifteen families were displaeed July 26 after a 5-alarm fire severely 
damaged 3 apartment buildings in Union City, New Jersey after beginning inside a 
home. Five firefighters were injured and an investigation is ongoing to determine the 
eause of the ineident. 

Souree: http://7 online. eom/news/ 1 5 -families-displaeed-in-union-eity-fire/8 83 805/ 

For another story, see item ^ 

Dams Sector 



Nothing to report 




NTAS 



NO ACTIVE ALERTS 
wwvv.DHS.gov /alerts 



Department of Homeland Security (DHS) 

DHS Daily Open Source Infrastructure Report Contact Information 

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday 
through Friday] summary of open-source published information concerning significant critical 
infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for 10 days on 
the Department of Homeland Security Web site: http://www.dhs.gov/lPDailvReport 

Contact Information 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS 

Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 

instructions to Get e-mail updates when this information changes . 

Removal from Distribution List: Send mail to support @ govdeliverv.com . 



Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert.gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source 
material. 
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